Skip to main content
CVE-2021-31731 MEDIUM POC This Month

A directory traversal issue in KiteCMS 1.1.1 allows remote administrators to overwrite arbitrary files via ../ in the path parameter to index.php/admin/Template/fileedit, with PHP code in the html. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Kitecms
NVD GitHub
CVSS 3.1
6.5
EPSS
1.3%
CVE-2021-37700 MEDIUM POC PATCH This Month

@github/paste-markdown is an npm package for pasting markdown objects. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Node.js XSS Paste Markdown
NVD GitHub
CVSS 3.1
6.1
EPSS
1.7%
CVE-2021-38603 MEDIUM POC This Month

PluXML 5.8.7 allows core/admin/profil.php stored XSS via the Information field. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Pluxml
NVD GitHub
CVSS 3.1
4.8
EPSS
1.1%
CVE-2021-38602 MEDIUM POC This Month

PluXML 5.8.7 allows Article Editing stored XSS via Headline or Content. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Pluxml
NVD GitHub
CVSS 3.1
4.8
EPSS
0.8%
CVE-2021-37704 MEDIUM POC PATCH This Month

PhpFastCache is a high-performance backend cache system (packagist package phpfastcache/phpfastcache). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Phpfastcache
NVD GitHub
CVSS 3.1
4.3
EPSS
6.1%
CVE-2021-34534 MEDIUM PATCH This Month

Windows MSHTML Platform Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.

Microsoft RCE Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
6.8
EPSS
1.9%
CVE-2021-34480 MEDIUM PATCH This Month

Scripting Engine Memory Corruption Vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Memory Corruption Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.1
6.8
EPSS
31.8%
CVE-2021-38087 MEDIUM This Month

Reflected cross-site scripting (XSS) was possible on the login page in Acronis Cyber Protect 15 prior to build 27009. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Cyber Protect
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2021-37699 MEDIUM PATCH This Month

Next.js is an open source website development framework to be used with the React library. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Next Js
NVD GitHub
CVSS 3.1
6.1
EPSS
1.2%
CVE-2021-26430 MEDIUM PATCH This Month

Azure Sphere Denial of Service Vulnerability. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity.

Microsoft Denial Of Service Azure Sphere
NVD
CVSS 3.1
6.0
EPSS
0.6%
CVE-2021-38597 MEDIUM PATCH This Month

wolfSSL before 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Wolfssl
NVD GitHub
CVSS 3.1
5.9
EPSS
0.5%
CVE-2021-37692 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37691 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37687 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37685 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37684 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-37683 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37677 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.1%
CVE-2021-37674 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37673 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37672 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37670 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37669 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37668 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37689 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37688 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37686 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37680 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37675 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37661 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37646 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37645 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Buffer Overflow Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37644 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37649 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37647 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37637 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37660 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37653 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Denial Of Service Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37642 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37640 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-37636 MEDIUM PATCH This Month

TensorFlow is an end-to-end open source platform for machine learning. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Tensorflow
NVD GitHub
CVSS 3.1
5.5
EPSS
0.2%
CVE-2021-36938 MEDIUM PATCH This Month

Windows Cryptographic Primitives Library Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.1
5.5
EPSS
0.8%
CVE-2021-34532 MEDIUM PATCH This Month

ASP.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Asp Net Core Visual Studio 2019
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2021-36950 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-36946 MEDIUM PATCH This Month

Microsoft Dynamics Business Central Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365 Business Central Dynamics Nav
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-32809 MEDIUM PATCH This Month

ckeditor is an open source WYSIWYG HTML editor with rich content support. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Code Injection Ckeditor Fedora Application Express +7
NVD GitHub
CVSS 3.1
5.4
EPSS
1.2%
CVE-2021-32808 MEDIUM PATCH This Month

ckeditor is an open source WYSIWYG HTML editor with rich content support. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Ckeditor Fedora Application Express Banking Party Management +9
NVD GitHub
CVSS 3.1
5.4
EPSS
1.2%
CVE-2021-27791 MEDIUM This Month

The function that is used to parse the Authentication header in Brocade Fabric OS Web application service before Brocade Fabric OS v9.0.1a and v8.2.3a fails to properly process a malformed. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Fabric Operating System
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-27793 MEDIUM This Month

ntermittent authorization failure in aaa tacacs+ with Brocade Fabric OS versions before Brocade Fabric OS v9.0.1b and after 9.0.0, also in Brocade Fabric OS before Brocade Fabric OS v8.2.3a and after. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Fabric Operating System
NVD
CVSS 3.1
5.3
EPSS
0.9%
CVE-2021-34485 MEDIUM PATCH This Month

.NET Core and Visual Studio Information Disclosure Vulnerability. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Information Disclosure Net Net Core Powershell Core Visual Studio 2017 +1
NVD
CVSS 3.1
5.0
EPSS
1.3%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy